$OpenBSD: patch-mod_auth_radius_c,v 1.1 2005/01/14 17:33:17 jcs Exp $
--- mod_auth_radius.c.orig	Mon Mar 24 13:16:15 2003
+++ mod_auth_radius.c	Fri Jan 14 11:28:55 2005
@@ -302,7 +302,7 @@ module radius_auth_module;
 #define DPRINTF printf
 #else
 #define DPRINTF
-#endif DEBUG_RADIUS
+#endif
 
 /*
   RFC 2138 says that this port number is wrong, but everyone's using it.
@@ -971,9 +971,9 @@ find_attribute(radius_packet_t *packet, 
   }
   return attr;
 }
-#define radcpy(STRING, ATTR) {memcpy(STRING, ATTR->data, ATTR->length - 2); \
-                              (STRING)[ATTR->length - 2] = 0;}
-
+#define radcpy(STRING, ATTR) {memcpy(STRING, ATTR->data, \
+	(ATTR->length - 2) < 0 ? 0 : (ATTR->length - 2)); \
+	if (ATTR->length > 1) (STRING)[ATTR->length - 2] = 0;}
 
 /* authentication module utility functions */
 static int
